import sys
import os
import hashlib
import random
import time
from datetime import datetime
print "importing sha3"
import sha3
from flask.ext.sqlalchemy import SQLAlchemy
# Put this file's own directory first on the import path so the sibling
# `apper` module resolves no matter what the working directory is.
sys.path.insert(0, os.path.dirname(os.path.abspath( __file__ )))
# Star import: `app` used on the next line is presumably exported by apper - TODO confirm.
from apper import *
# SQLAlchemy handle for the Flask app; the User model and every query in this module go through it.
user_db = SQLAlchemy(app)
#https://github.com/mrjoes/flask-admin/blob/master/examples/auth/app.py
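class User(user_db.Model):
    """Account row used for login and by the administrative interface.

    The `password` and `salt` columns hold credential material, so they are
    kept out of `__repr__`: repr() output routinely ends up in logs,
    tracebacks and debugger pages.
    """

    # Surrogate primary key; also what get_id() hands back.
    id = user_db.Column(user_db.Integer, primary_key=True)
    first_name = user_db.Column(user_db.String(100))
    last_name = user_db.Column(user_db.String(100))
    # Login name; the unique constraint makes the database reject duplicates.
    login = user_db.Column(user_db.String( 80), unique=True)
    email = user_db.Column(user_db.String(120))
    # Credential material, stored exactly as passed to add_user().
    password = user_db.Column(user_db.String(400))
    salt = user_db.Column(user_db.String(400))

    # Flask-Login integration
    def is_authenticated(self):
        """Always True: every persisted User counts as authenticated."""
        return True

    def is_active(self):
        """Always True: this model has no disabled/suspended state."""
        return True

    def is_anonymous(self):
        """Always False: a User row is never the anonymous user."""
        return False

    def get_id(self):
        """Return the primary key as the session identifier."""
        return self.id

    # Required for administrative interface
    def __unicode__(self):
        """Return the login name as the display label."""
        return self.login

    def __repr__(self):
        """Return a debugging summary that does not expose password or salt."""
        # Only non-secret columns are interpolated; the two credential
        # columns are shown as fixed placeholders.
        shown = [self.id, self.first_name, self.last_name, self.login, self.email]
        return "<User id %s first_name %s last_name %s login %s email %s password [redacted] salt [redacted]>" % \
            tuple([str(x) for x in shown])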
def check_user_exists(username):
    """Return True when at least one User row has `username` as its login."""
    matching = user_db.session.query(User).filter_by(login=username)
    hits = matching.count()
    return hits > 0
def get_user(username):
    """Return the first User whose login equals `username`.

    The result comes straight from the query's `.first()`, so callers must
    be prepared for a no-match result.
    """
    by_login = user_db.session.query(User).filter_by(login=username)
    return by_login.first()
def get_users():
    """Return every login name as a sorted list.

    The query already orders by login; the names are sorted again in Python
    before being returned.
    """
    return sorted(row.login for row in User.query.order_by(User.login))
def add_user(username, password, salt):
    """Create and commit a new User row.

    `password` and `salt` are stored exactly as received; no hashing or
    validation happens here, so the caller is responsible for never passing
    a plaintext password.

    Raises:
        KeyError: a user with this login already exists.
    """
    already_there = check_user_exists(username)
    if already_there:
        raise KeyError

    record = User()
    record.salt = salt
    record.password = password
    record.login = username

    session = user_db.session
    session.add(record)
    session.commit()
def get_salt(username):
    """Return the salt stored for `username`.

    The lookup result is dereferenced without a check, so a username that
    get_user() cannot resolve surfaces as an exception here.
    NOTE(review): if this is reachable before authentication, the difference
    between "salt returned" and "error" tells a caller which logins exist -
    confirm how the endpoint using it responds.
    """
    account = get_user(username)
    return account.salt
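def verify_user_credentials(username, password, noonce):
    """Check a challenge response for `username`.

    The expected response is generate_password_hash(noonce + stored password);
    `password` is the value submitted by the client and must equal it.

    Args:
        username: login name to look up.
        password: response supplied by the client.
        noonce: challenge string that was issued for this attempt.

    Returns:
        True when the response matches, False otherwise - including when the
        login does not exist.
    """
    user = get_user(username)
    if user is None:
        # Unknown login: fail closed instead of raising on user.password.
        return False

    # No debug output here on purpose: the stored password value, the
    # expected response and the submitted response are all credential
    # material and must not reach stdout or log files.
    expected = generate_password_hash(noonce + user.password)

    # NOTE(review): the stored value alone is enough to compute a valid
    # response, so read access to the password column equals login access.
    # NOTE(review): `==` is not a constant-time comparison; switching to
    # hmac.compare_digest needs both operands normalised to one string type.
    return expected == password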
def del_user(username):
    """Delete the User row for `username` and commit.

    The result of get_user() is passed to the session unchecked.
    """
    doomed = get_user(username)
    session = user_db.session
    session.delete(doomed)
    session.commit()
def generate_password_hash(seq):
    """Return the SHA3-512 hex digest of `seq` encoded as UTF-8.

    This is one unsalted, un-iterated hash pass. NOTE(review): if stored
    password values are derived with it, a deliberately slow password KDF
    would resist offline guessing far better - confirm how callers use it.
    """
    # An earlier variant used hashlib.sha512 on the raw sequence instead.
    encoded = seq.encode('utf-8')
    digest = sha3.sha3_512(encoded)
    return digest.hexdigest()
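def gen_noonce():
    """Return a fresh, unpredictable challenge string for one login attempt.

    The value is drawn from the operating system's CSPRNG through
    random.SystemRandom. The previous inputs (the default Mersenne Twister
    generator, wall-clock time and the current microsecond) can be guessed
    or reconstructed, which lets a challenge be predicted in advance.

    Returns:
        The same shape as before: a generate_password_hash() hex digest.
    """
    # 512 random bits, hashed only to keep the established output format.
    entropy = random.SystemRandom().getrandbits(512)
    return generate_password_hash(str(entropy))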